Administrator

Greetings Adventurers! Here at Treasure Wars we take security very seriously, which is why we released a Security Update earlier today helping players secure their accounts on our services. This update includes the addition of 2FA (Two Factor Authentication), as well as a VPN Prevention System. You can find this update's announcement post here.

Two Factor Authentication
We have added the option for players to add an additional layer of security to their account by using our brand new 2FA (Two Factor Authentication) System. This allows players to secure their account and block any intruder's access to their account in the case of an account compromise.

To setup 2FA on your account, simply visit the Lobby and type /2fa. You will be given a map which has a generated key and barcode.

​

You are able to scan this barcode with a Mobile Authentication App, such as Authy. We highly suggest using Authy as it backups your accounts and codes, so in the case of losing your authenticator, you will still have access to your 2FA codes.

To scan this, simply open the authenticator app and click "Add Account" or "Scan Barcode". You can then scan the map with your smart phone to start generating your Treasure Wars 2FA codes. Once this is done, simply enter your code from your phone by typing /2fa <code> such as /2fa 123456.

​

Once you have logged in your code successfully, you will be prompted a message that your 2FA has been activated. You will only need to enter in a 2FA code if your IP Address changes.

​

Enabling Two Factor Authentication is a perfect way to add another layer of protection on your account. With 2FA, your password is quite useless to hackers and users who use brute-force in attempt to hijack your account.

If you decide that you no longer want 2FA on your account or are planning on switching your authenticator, you can disable 2FA by typing /2fa remove once you have successfully logged into your account.

PLEASE NOTE: If you enable 2FA on your account and lose your Authenticator, staff members will NOT be able to remove your 2FA. This is for your own safety in the chance of your account being compromised. Please use Authy for your Authenticator as you can backup your accounts in the case of losing your phone/authenticator.

Administrator

Generating a Strong PasswordOne of the most common mistakes users make is using the same weak password for all of their accounts on multiple services. This is one of the most dangerous things you can do as hackers can gain access to all of your accounts by guessing your single-use password. We suggest using unique, randomly generated, passwords on all services, and using a Password Manager to safely store your passwords.

To generate a strong password, you can use LastPass's Password Generator to generate a secure password by using javascript from your computer and special symbols, numbers, and letters. You're able to set the length of how long you want your password, which is quite useful for services which require a minimum of X characters for passwords.

​

Using a Password ManagerTrying to memorize your own passwords in your head is another key factor for why users use weak and simple passwords. Users typically create patterns in their passwords so that they can remember them better, but this only leads to brute-force attacks easily guessing your password. We suggest using a Password Manager, such as LastPass to safely memorize your passwords for you.

LastPass has tons of features, such as a Chrome Extension for auto filling password fields in login pages, alerting you when your password has been compromised, generate strong passwords, and a Mobile App which allows you to fill in your passwords on your mobile app.

With LastPass, the only password you'll need to remember is your Master Password. We also suggest enabling 2FA on your LastPass Account.